Report Malware and Suspicious Links here so Mods can take Action ! - page 47.

Rizzrack

copper member

Activity: 783

Merit: 710

Defend Bitcoin and its PoW: bitcoincleanup.com

Quote from: morvillz7z on July 25, 2020, 05:13:17 PM

Quote from: Lafu on July 25, 2020, 07:24:03 AM

ethpillan/PillForETH

^I confirm that this is indeed malware and posts have to be deleted, user banned.
After further investigation, i found out two users who have direct links to the same malware zip file in their signatures.
Screenshots:
https://i.ibb.co/StbqMXp/asgsg.jpg
https://i.ibb.co/tXvF07r/sdfvg.jpg

Accounts:
https://bitcointalksearch.org/user/brotherwood12-1079480
https://bitcointalksearch.org/user/bitcoinfriends-507542

Found a dozen more with that github repo in the signature space.
I'll give them that... inventive, but still useless. Pathetic goblins probably buy them off the dark web and just upload them to github and post the url here. A monkey can do that if you train it enough, witch seems to be the case here.
Luckily they are morons

and are found without much effort at all !

I suppose the scammers read this thread too so just want to say :

morvillz7z

legendary

Activity: 2212

Merit: 2061

Join the world-leading crypto sportsbook NOW!

Please ban newbie pcare2019 and delete their fake announcement thread for TERA PLATFORM.

[ANN] BEST MINING [TERA PLATFORM] [DApp, PoW, CPU, 1000 TPS] <--- DELETE

-user in question has two year posting-gap (This user recently woke up from a long period of inactivity.)
-malicious github account is created less than 3 hours ago
-self-moderated thread

Original TERA PLATFORM thread and GitHub:
https://bitcointalksearch.org/topic/ann-tera-smart-money-smart-contracts-pow-cpu-1000-tps-4573801
https_://gitlab.com/terafoundation/

Fake TERA PLATFORM thread and GitHub:
https://bitcointalksearch.org/topic/--5265809
https_://github.com/tera-foundation/ (brand new)
http://archive.md/yR7jc

Lafu

legendary

Activity: 3136

Merit: 3213

Next Fake ANN !

Thread : ✅[ANN][2POW] Luck - A new consensus algorithm to eliminate large mining pools

User : mokul77 <----- Please Ban that User

This user recently woke up from a long period of inactivity.

Last post from that User was done in September 02, 2019

Archive : https://archive.fo/wip/l84jQ

Code:

[b]Wallets and miners:[/b]

For Windows - [url=https://github.com/Luck-project/wallet/releases/download/1.0/luck-win.zip]https://github.com/luck-coin/luckcoin/releases/download/1.0/luck-win.zip[/url]

Fake Github : https_://github.com/Luck-project/wallet/releases/download/1.0/luck-win.zip

Real Github : https_://github.com/luck-coin/luckcoin

Original ANN

Thread : [ANN][2POW] Luck - A new consensus algorithm to eliminate large mining pools

User : Sherlock.Holmes

Code:

https://github.com/luck-coin/luckcoin

DaveF

legendary

Activity: 3500

Merit: 6320

Crypto Swap Exchange

Quote from: Rikafip on July 30, 2020, 02:23:40 PM

Another suspicious announcement thread with standard red flags. Account recently awoke after two years break and made copy of already existing ANN from 2018. Github account shared in the thread seems to be legit (same as the one shared in original ANN from 2018) so maybe they plan to replace it later on, as they sometimes do that, in order to postpone nuking.

User NDangMinh
ANN https://bitcointalksearch.org/topic/--5265689
Archive https://archive.fo/CjMPJ

Code:

https://github.com/coinpeng/pengcore/releases/tag/1.4.1/peng-1.4.1-win64.zip

Original Ann 🚀🚀 [PENG] PENG ⭐MASTERNODE ⭐POS ⭐ ZEROCOIN ⭐A NEW ERA
Github account https://github.com/coinpeng

It's been changed to a malware link.

https--://github.com/peng-coin/wallet/releases/download/1.0/peng-1.4.1-win64.zip\

New archive: http://archive.is/bvGTJ

Reported and negative feedback left.

-Dave

Rikafip

legendary

Activity: 1722

Merit: 5937

Another suspicious announcement thread with standard red flags. Account recently awoke after two years break and made copy of already existing ANN from 2018. Github account shared in the thread seems to be legit (same as the one shared in original ANN from 2018) so maybe they plan to replace it later on, as they sometimes do that, in order to postpone nuking.

User NDangMinh
ANN https://bitcointalksearch.org/topic/--5265689
Archive https://archive.fo/CjMPJ

Code:

https://github.com/coinpeng/pengcore/releases/tag/1.4.1/peng-1.4.1-win64.zip

Original Ann 🚀🚀 [PENG] PENG ⭐MASTERNODE ⭐POS ⭐ ZEROCOIN ⭐A NEW ERA
Github account https://github.com/coinpeng

Lafu

legendary

Activity: 3136

Merit: 3213

Next Fake ANN !

Thread : [ANN] [JUMBO] JUMBO Coin - Helping Members to Organise Finances for Retir

User : bohemianaman5 <----- Please Ban that User

This user recently woke up from a long period of inactivity.

Last post from that User was in December 08, 2019 , possible hacked or sold Account

Archive : https://archive.fo/wip/C7zwi

Code:

[b][color=#0098F4]WALLETS[/color] [/b]
[b]Windows Github[/b]: [url=https://github.com/Jumbo-Coin/wallet/releases/download/0.0.1/JumboCoin.Win.zip]https://github.com/jumbocoincrypto/JumboCoin/releases/download/JumboCoin.Win.zip [/url]

Fake Github : https_://github.com/Jumbo-Coin/wallet/releases/download/0.0.1/JumboCoin.Win.zip

Real Github : https_://github.com/jumbocoincrypto/JumboCoin/releases/tag/0.0.1

Original ANN

Thread : [ANN] [JUMBO] JUMBO Coin - Helping Members to Organise Finances for Retirement

User : jumbocoin

Code:

[b][color=#0098F4]WALLETS[/color] [/b]
[b]Windows Github[/b]: https://github.com/jumbocoincrypto/JumboCoin/releases/tag/0.0.1

DaveF

legendary

Activity: 3500

Merit: 6320

Crypto Swap Exchange

Just a short one:

Malware link --> https://bitcointalksearch.org/topic/--5265626

Ban this user --> https://bitcointalksearch.org/user/sleshworld-1943296
User --> sleshworld
Last post before this one was from this user was June 17, 2018, possible hacked or sold account

Original --> https://bitcointalksearch.org/topic/ann-quebecoin-qbc-pow-myr-grs-5171959

Have to run. If it's still up I'll fill in more later (githubs and such). Or if anyone else is motivated they can.

-Dave

Lafu

legendary

Activity: 3136

Merit: 3213

Next Fake ANN !

Thread : [ANN] DATACOIN - PoW l LAUCNH 8:00 PM

User : sriram1291 <----- Please Ban that User

Last post from that User was done in May 03, 2018 , possible hacked Account

Archive : https://archive.fo/wip/72I5e

Code:

[size=30pt][b]0.8.6 Wallet Releases[/b][/size]
[size=16pt][b]for Windows[/b][/size]
https://github.com/datacoin-wallets/datacoin/releases/download/v1.0/datacoin-wallet.zip

Fake Github : https_://github.com/datacoin-wallets/datacoin/releases/download/v1.0/datacoin-wallet.zip

Real Github : https_://github.com/datacoinproject/datacoin/releases

Original ANN

Thread : [ANN] Datacoin - Censorship-Free Data Storage

User : extro24

Code:

[size=30pt][b]0.8.6 Wallet (Binary) Releases[/b][/size]
[size=16pt][b]for Windows, Mac and Linux[/b][/size]
https://github.com/datacoinproject/datacoin/releases

notblox1

legendary

Activity: 2086

Merit: 1282

Logo Designer ⛨ BSFL Division1

Fake ANN for Haven protocol and suspicious wallet!

User : tropygal <---- Please Ban him

Thread:
https://bitcointalksearch.org/topic/--5265392

Code:

https://github.com/havenprotocol-project/haven/releases/download/3.1.0/haven-wallet.zip

Archive: https://archive.vn/VvBCe#selection-595.0-595.87

https://www.virustotal.com/gui/file-analysis/N2Y5ZWE3OWYwZTUxNWVjNDE1ZmMzNTQ4ZWNkNzg2NDM6MTU5NjAyNTc3NA==/detection

Original Haven protocol github:
https://github.com/haven-protocol-org

Lafu

legendary

Activity: 3136

Merit: 3213

Next Fake ANN !

Thread : [ANN][POW][INZ] Ionize | GPU/CPU Cryptonight Turtle LAUNCH TOMORROW 8:27 PM

User : verkul18 <----- Please Ban that User

Last post from that User was on February 16, 2020 , possible Hacked or Sold Account

Archive : https://archive.fo/wip/2Ixgi

Code:

[b][color=#107E57][size=15pt]Wallets:[/size][/color][/b]

You can download the latest Wallet from Github - https://github.com/Ionize-wallets/Ionize/releases/download/v1.0.1/Ionize-Win64-v1.0.1.zip

Fake Github : https_://github.com/Ionize-wallets/

Real Github : https_://github.com/Ionize-Project/

Original ANN

Thread : [ANN][POW][INZ] Ionize | GPU/CPU Cryptonight Turtle

User : IonizeDennis

Code:

[b][color=#107E57][size=15pt]Wallets:[/size][/color][/b]

You can download the latest CLI wallet from [url=https://github.com/Ionize-Project/Ionize/releases/latest]here[/url].

morvillz7z

legendary

Activity: 2212

Merit: 2061

Join the world-leading crypto sportsbook NOW!

Please ban newbie yurkagolosio and delete their fake announcement thread for Perkle.

[ANN] [POW] PERKLE - FAIR RELEASE SMART CONTRACT PLATFORM [POW] <--- DELETE

-user in question has two year posting-gap
-malicious github account is created less than 3 hours ago

Original Perkle thread and GitHub:
https://bitcointalksearch.org/topic/ann-pow-perkle-fair-release-smart-contract-platform-5054343
https_://github.com/esprezzo/perkle

Fake Perkle thread and GitHub:
https://bitcointalksearch.org/topic/--5265226
https_://github.com/perkle-source/ (brand new)
http://archive.md/sLfAT

notblox1

legendary

Activity: 2086

Merit: 1282

Logo Designer ⛨ BSFL Division1

Fake bonus and phishing scam exchange using short links!

User : baddahh <---- Please Ban him

Locked Threads:
https://bitcointalksearch.org/topic/--5265229
https://bitcointalksearch.org/topic/fast-crypto-bonus-0015-btc-and-0015-eth-for-the-first-250-users-5265227

Code:

Hey, Guys!😉
To attract NEW Crypto Users, Exchanger did a free Bonuses with 250 prizes worth almost 3.75 BTC and 3.75 ETH!
0.015 BTC and 00.15 ETH to the first 250 users.

💳How to use and get your BTC and ETH ?
➡ Sign up on the our platform: https://numl.org/ym6
➡ Go to the "Promocode" section and activate your code: DAXXPRVT227
➡ Withdraw BTC and ETH to your addresses.
➡ Done!

⚠ Do you have questions about winnings? ⚠
🌐 Contact Online Support on the site. 🌐

Archive: https://archive.vn/VX7sa

Code:

https://daxxcoins.com/

Archive: http://archive.vn/WY0ZL

Lafu

legendary

Activity: 3136

Merit: 3213

Next Fake ANN !

Thread : [ANN] Titcoin [TIT] - [SHA256d] The adult cryptocurrency

User : vtanwar001 <---- Please Ban that User

Quote from: vtanwar001 on July 28, 2020, 07:46:52 AM

The creator of the original Titcoin ANN sold his account. This is an announcement of the continued Titcoin project by me (vtanwar001) as a member of the Titcoin community.

Thats not True at all ! He never posted in the Original Thread

Possible hacked Account

Archive : https://archive.fo/wip/hMjfW

Code:

[u][b]Wallets[/b][/u]

Windows - https://github.com/titcoin-wallet/titcoin/releases/download/v0.3-titcoin3/titcoin-0.3-win64-setup.zip

Fake Github : https_://github.com/titcoin-wallet/titcoin/

Real Github : https_://github.com/titcoin

Original ANN

Thread : [ANN] Titcoin [TIT] - The adult cryptocurrency

User : Gandalf86

Code:

[u][b]Links[/b][/u]

[list]
[li]Website: https://titcoin.github.io/[/li]

[li]Github: https://github.com/titcoin[/li]

Old Titcoin links:

[list]
[li]Previous ANN: https://bitcointalk.org/index.php?topic=423523.0[/li]
[li]Original website domain: http://titcoins.biz/[/li]
[li]Original Github: https://github.com/OfficialTitcoin/titcoin-wallet[/li]
[li]Old wallet (mirror): https://github.com/titcoin/titcoin-original[/li]

Quote from: Gandalf86 on July 26, 2020, 06:15:58 AM

Hi all, we have an exchange listing offer from Crex24 (https://crex24.com/). They will list Titcoin for a listing fee of $3500 or 0.35 BTC. If someone here would like to donate the listing fee, please get in contact with me!

That post was 2 days ago

Lafu

legendary

Activity: 3136

Merit: 3213

Next Fake ANN !

Thread : [ANN] DEURO [SCRYPT][POW] Digital EURO

User : ynsmrnyn <----- Please Ban that User

Thread is selfmoderated

Last post was from that User was done in May 24, 2019

Archive : https://archive.fo/wip/PBCao

Code:

[b]WALLETS[/b]

WINDOWS

[url=https://github.com/Deuro-official/source/releases/download/Wallet/Deuro-win10-x64.zip][b]Download[/b][/url]

Fake Github : https_://github.com/Deuro-official/source/releases/download/Wallet/Deuro-win10-x64.zip

Real Github : https_://github.com/Devkon69/Digitaleuro/releases

Original ANN

Thread : [PRE-ANN][POW][SCRYPT] Digital EURO - DEURO

User : digitalica

Code:

WALLETS

WINDOWS / LINUX / MAC

https://github.com/Devkon69/Digitaleuro/releases

Rizzrack

copper member

Activity: 783

Merit: 710

Defend Bitcoin and its PoW: bitcoincleanup.com

Quote from: Lafu on July 26, 2020, 01:23:37 PM

Here is another proof and Information what this Software is doing and thats it Malware and a trojan !

When you install the file and run it :....

Fair enough !

Quote from: morvillz7z on July 25, 2020, 05:13:17 PM

After further investigation, i found out two users who have direct links to the same malware zip file in their signatures.
Screenshots:
https://i.ibb.co/StbqMXp/asgsg.jpg
https://i.ibb.co/tXvF07r/sdfvg.jpg

Accounts:
https://bitcointalksearch.org/user/brotherwood12-1079480
https://bitcointalksearch.org/user/bitcoinfriends-507542

Solved !

Seems our buddies took the red pill and got a dose of reality

Quote from: Lafu on July 27, 2020, 11:54:17 AM

Quote from: morvillz7z on July 27, 2020, 11:26:21 AM

Fake Qitmeer Miner : https_://github.com/Qitmer (letter "e" missing)

Original Qitmeer Miner: https_://github.com/Qitmeer/

Nice catch and work on that !

Good find ! Not the first evil miner from our friendly malware spreaders and clearly not the last. Thx guys Wink

Lafu

legendary

Activity: 3136

Merit: 3213

Quote from: morvillz7z on July 27, 2020, 11:26:21 AM

Fake Qitmeer Miner : https_://github.com/Qitmer (letter "e" missing)

Original Qitmeer Miner: https_://github.com/Qitmeer/

Nice catch and work on that !

Archived the thread again : https://archive.fo/wip/AMcv5

Havnt checked more on it when i saw the Thread and post .
It was just a bit Suspicious to me as i looked at the Account and post history.
i wasnt quiete sure and thought we got a fake miner from Qitmeer already in the past , but have got no time to check it.
Thanks for checking it Cool

morvillz7z

legendary

Activity: 2212

Merit: 2061

Join the world-leading crypto sportsbook NOW!

^ I think our guys are re-allocating efforts to spam their malware in the Mining (Altcoins) board now.

I urge you all to bookmark this link and check regularly for new miners, pills etc:

https://bitcointalk.org/index.php?board=160.0;sort=first_post;desc

Lafu caught one today, i've tagged the account, report to mods will come shortly:

Quote from: ?? on ??

Virustotal Result :
https://www.virustotal.com/gui/file/816c8ce592a25f4c8b71e4812f954b625febd2a17c17110de52d2d5fcce0070b/detection

Before you started posting a few days ago the last post was on November 12, 2018 !
What happend in the rest of the time between ?

Joined on github 2 days ago and after nearly 2 years you come back with a Miner Software .

Just asking because it looks a bit strange to me .

Archived : https://archive.fo/wip/JDg3n

Fake Qitmeer Miner : https_://github.com/Qitmer (letter "e" missing)

Original Qitmeer Miner: https_://github.com/Qitmeer/

DaveF

legendary

Activity: 3500

Merit: 6320

Crypto Swap Exchange

Quote from: morvillz7z on July 25, 2020, 05:13:17 PM

Quote from: Lafu on July 25, 2020, 07:24:03 AM

Suspicious Link with malware posted in 2 posts !

User : Acex29

ethpillan/PillForETH

^I confirm that this is indeed malware and posts have to be deleted, user banned.
After further investigation, i found out two users who have direct links to the same malware zip file in their signatures.
Screenshots:
https://i.ibb.co/StbqMXp/asgsg.jpg
https://i.ibb.co/tXvF07r/sdfvg.jpg

Accounts:
https://bitcointalksearch.org/user/brotherwood12-1079480
https://bitcointalksearch.org/user/bitcoinfriends-507542

What is interesting is that the last 2 posts of both those accounts are withing minutes of each other.
And in the last 2 or 3 posts of both those accounts the posting style and language changed.
Guessing they were sold / compromised.

I'll tag them when I get to a PC, it's a pain on the tiny mobile screen I am on now. (while remoting into a PC)

-Dave

Lafu

legendary

Activity: 3136

Merit: 3213

Quote from: morvillz7z on July 25, 2020, 05:13:17 PM

I confirm that this is indeed malware and posts have to be deleted, user banned.

Here is another proof and Information what this Software is doing and thats it Malware and a trojan !

When you install the file and run it :

mstsc.exe - a utility for working with remote desktops using the RDP protocol, establishes a connection with the Dutch server 46.249.62.235 to transfer stolen data;

Based on the analysis of the file's behavior, in no case should you run ETHpillAN on your computer. In addition, it is worth blocking the network addresses listed in the article that are used by hackers.

Source : https://www.cryptoprofi.info/?p=6834

Would be great if a Moderator or Global Moderator delete the posts from the Users that posted that and maybe ban that Users posted in the earlier Posts.

Edit :

Just archived the Information Webpage here : https://archive.fo/wip/5PtCU

morvillz7z

legendary

Activity: 2212

Merit: 2061

Join the world-leading crypto sportsbook NOW!

Quote from: Lafu on July 25, 2020, 07:24:03 AM

Suspicious Link with malware posted in 2 posts !

User : Acex29

ethpillan/PillForETH

^I confirm that this is indeed malware and posts have to be deleted, user banned.
After further investigation, i found out two users who have direct links to the same malware zip file in their signatures.
Screenshots:
https://i.ibb.co/StbqMXp/asgsg.jpg
https://i.ibb.co/tXvF07r/sdfvg.jpg

Accounts:
https://bitcointalksearch.org/user/brotherwood12-1079480
https://bitcointalksearch.org/user/bitcoinfriends-507542

Topic: Report Malware and Suspicious Links here so Mods can take Action ! - page 47. (Read 36997 times)